graphql-patterns
Schema design, resolver patterns, DataLoader, N+1 prevention, and subscription patterns for GraphQL APIs.
Best use case
graphql-patterns is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Schema design, resolver patterns, DataLoader, N+1 prevention, and subscription patterns for GraphQL APIs.
Teams using graphql-patterns should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/graphql-patterns/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How graphql-patterns Compares
| Feature / Agent | graphql-patterns | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Schema design, resolver patterns, DataLoader, N+1 prevention, and subscription patterns for GraphQL APIs.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# GraphQL Patterns
Production-grade GraphQL API design with performance and type safety.
## Schema Design Principles
```graphql
# Use interfaces for shared fields
interface Node {
id: ID!
createdAt: DateTime!
updatedAt: DateTime!
}
type User implements Node {
id: ID!
createdAt: DateTime!
updatedAt: DateTime!
email: String!
displayName: String!
posts(first: Int, after: String): PostConnection!
}
# Relay-style pagination (cursor-based)
type PostConnection {
edges: [PostEdge!]!
pageInfo: PageInfo!
totalCount: Int!
}
type PostEdge {
node: Post!
cursor: String!
}
type PageInfo {
hasNextPage: Boolean!
hasPreviousPage: Boolean!
startCursor: String
endCursor: String
}
# Input types for mutations
input CreatePostInput {
title: String!
body: String!
tags: [String!]
}
# Union for mutation results (error handling without exceptions)
type CreatePostSuccess {
post: Post!
}
type ValidationError {
field: String!
message: String!
}
union CreatePostResult = CreatePostSuccess | ValidationError
```
## DataLoader - N+1 Prevention
```typescript
import DataLoader from 'dataloader'
// Batch function: receives array of keys, returns array of results in same order
function createUserLoader(db: Database) {
return new DataLoader<string, User | null>(async (userIds) => {
const users = await db.user.findMany({
where: { id: { in: [...userIds] } }
})
const userMap = new Map(users.map(u => [u.id, u]))
// MUST return in same order as input keys
return userIds.map(id => userMap.get(id) ?? null)
})
}
// Create per-request context (loaders are NOT shared across requests)
function createContext(req: Request) {
const db = getDatabase()
return {
db,
loaders: {
user: createUserLoader(db),
post: createPostLoader(db),
comment: createCommentLoader(db),
}
}
}
// Resolver uses loader instead of direct DB query
const resolvers = {
Post: {
author: (post: Post, _args: unknown, ctx: Context) => {
return ctx.loaders.user.load(post.authorId) // batched automatically
}
}
}
```
## Resolver Pattern with Validation
```typescript
import { z } from 'zod'
const CreatePostSchema = z.object({
title: z.string().min(1).max(200),
body: z.string().min(10).max(50000),
tags: z.array(z.string()).max(10).optional()
})
const resolvers = {
Mutation: {
createPost: async (_parent: unknown, args: { input: unknown }, ctx: Context) => {
// Auth guard
if (!ctx.currentUser) {
throw new AuthenticationError('Login required')
}
// Input validation
const parsed = CreatePostSchema.safeParse(args.input)
if (!parsed.success) {
return {
__typename: 'ValidationError',
field: parsed.error.issues[0].path.join('.'),
message: parsed.error.issues[0].message
}
}
const post = await ctx.db.post.create({
data: { ...parsed.data, authorId: ctx.currentUser.id }
})
return { __typename: 'CreatePostSuccess', post }
}
}
}
```
## Subscription Patterns
```typescript
import { PubSub, withFilter } from 'graphql-subscriptions'
const pubsub = new PubSub() // Use RedisPubSub in production
const EVENTS = {
POST_CREATED: 'POST_CREATED',
COMMENT_ADDED: 'COMMENT_ADDED',
} as const
const resolvers = {
Subscription: {
commentAdded: {
// Filter: only deliver to subscribers watching this post
subscribe: withFilter(
() => pubsub.asyncIterableIterator(EVENTS.COMMENT_ADDED),
(payload, variables) => payload.commentAdded.postId === variables.postId
)
}
},
Mutation: {
addComment: async (_p: unknown, args: { postId: string; body: string }, ctx: Context) => {
const comment = await ctx.db.comment.create({
data: { postId: args.postId, body: args.body, authorId: ctx.currentUser!.id }
})
await pubsub.publish(EVENTS.COMMENT_ADDED, { commentAdded: comment })
return comment
}
}
}
```
## Query Depth & Complexity Limiting
```typescript
import depthLimit from 'graphql-depth-limit'
import { createComplexityLimitRule } from 'graphql-validation-complexity'
const server = new ApolloServer({
schema,
validationRules: [
depthLimit(7), // Max 7 levels deep
createComplexityLimitRule(1000, { // Max 1000 complexity points
scalarCost: 1,
objectCost: 2,
listFactor: 10,
})
]
})
```
## Checklist
- [ ] Cursor-based pagination (not offset-based) for all list fields
- [ ] DataLoader for every relationship resolver (one loader per entity per request)
- [ ] Input validation with zod/joi before DB operations
- [ ] Query depth limit (7-10) and complexity limit
- [ ] Auth checks in resolvers, not middleware (field-level control)
- [ ] Union types for mutation results instead of throwing errors
- [ ] Persisted queries in production (disable arbitrary queries)
- [ ] Schema versioned via interfaces, not breaking changes
## Anti-Patterns
- Exposing database IDs directly (use opaque/global IDs)
- Resolver doing N+1 queries without DataLoader
- Sharing DataLoader instances across requests (stale data, auth leak)
- Offset pagination on large datasets (performance cliff)
- God queries: single resolver fetching entire object graph
- Putting business logic in resolvers (keep resolvers thin, use service layer)Related Skills
websocket-patterns
Connection management, room patterns, reconnection strategies, message buffering, and binary protocol design.
vector-db-patterns
Embedding strategies, ANN algorithms, hybrid search, RAG chunking strategies, and reranking for semantic search and retrieval.
tracing-patterns
OpenTelemetry setup, span context propagation, sampling strategies, Jaeger queries
terraform-patterns
Module composition, state management, workspace strategy, provider versioning, and infrastructure-as-code best practices.
swift-patterns
SwiftUI view composition, @Observable patterns, async/await concurrency, TCA architecture, and Combine reactive streams.
springboot-patterns
Spring Boot architecture patterns, REST API design, layered services, data access, caching, async processing, and logging. Use for Java Spring Boot backend work.
seo-patterns
Meta tag patterns, structured data (JSON-LD), Core Web Vitals optimization, and SSR/SSG strategies for search visibility.
secret-patterns
30+ service-specific secret detection regex patterns, entropy-based detection, PEM/JWT/Base64 identification, and false positive filtering.
saas-payment-patterns
Payment provider abstraction, webhook security, subscription lifecycle, dunning flows, pricing models, invoicing, tax handling, and refund patterns for SaaS applications.
saas-auth-patterns
SaaS authentication and authorization patterns including JWT vs session strategies, multi-tenant isolation, RBAC, API key management, passwordless flows, MFA, and secure session handling.
saas-analytics-patterns
SaaS analytics event taxonomy, metric formulas (MRR, churn, LTV), provider-agnostic tracking, funnel analysis, cohort setup, and privacy-respecting instrumentation.
revenuecat-patterns
RevenueCat SDK entegrasyon pattern'leri. iOS (Swift), Android (Kotlin), React Native ve Flutter icin setup, offerings, entitlement checking, webhook integration, StoreKit 2 migration ve sandbox testing.